Shodan
Vulnerabilities
Vulnerable Software
Lcds:  >> Laquis Scada  >> 4.1  Security Vulnerabilities
CVE-2021-32989
When a non-existent resource is requested, the LCDS LAquis SCADA application (version 4.3.1.1011 and prior) returns error messages which may allow reflected cross-site scripting.
CVSS Score
9.3
EPSS Score
0.002
Published
2022-05-25
CVE-2020-10618
LCDS LAquis SCADA Versions 4.3.1 and prior. The affected product is vulnerable to sensitive information exposure by unauthorized users.
CVSS Score
5.5
EPSS Score
0.002
Published
2020-05-04
CVE-2020-10622
LCDS LAquis SCADA Versions 4.3.1 and prior. The affected product is vulnerable to arbitrary file creation by unauthorized users
CVSS Score
7.8
EPSS Score
0.002
Published
2020-05-04
CVE-2018-18986
LCDS Laquis SCADA prior to version 4.1.0.4150 allows the opening of a specially crafted report format file that may cause an out of bounds read, which may cause a system crash, allow data exfiltration, or remote code execution.
CVSS Score
7.8
EPSS Score
0.005
Published
2019-02-05
CVE-2018-18990
LCDS Laquis SCADA prior to version 4.1.0.4150 allows a user-supplied path in file operations prior to proper validation. An attacker can leverage this vulnerability to disclose sensitive information under the context of the web server process.
CVSS Score
5.3
EPSS Score
0.043
Published
2019-02-05
CVE-2018-18992
LCDS Laquis SCADA prior to version 4.1.0.4150 allows taking in user input without proper sanitation, which may allow an attacker to execute remote code on the server.
CVSS Score
8.8
EPSS Score
0.004
Published
2019-02-05
CVE-2018-18996
LCDS Laquis SCADA prior to version 4.1.0.4150 allows taking in user input without proper authorization or sanitation, which may allow an attacker to execute remote code on the server.
CVSS Score
9.8
EPSS Score
0.007
Published
2019-02-05
CVE-2018-18998
LCDS Laquis SCADA prior to version 4.1.0.4150 uses hard coded credentials, which may allow an attacker unauthorized access to the system with high privileges.
CVSS Score
9.8
EPSS Score
0.007
Published
2019-02-05
CVE-2018-19000
LCDS Laquis SCADA prior to version 4.1.0.4150 allows an authentication bypass, which may allow an attacker access to sensitive data.
CVSS Score
5.3
EPSS Score
0.005
Published
2019-02-05
CVE-2018-19002
LCDS Laquis SCADA prior to version 4.1.0.4150 allows improper control of generation of code when opening a specially crafted project file, which may allow remote code execution, data exfiltration, or cause a system crash.
CVSS Score
7.8
EPSS Score
0.005
Published
2019-02-05


Products
Pricing
Contact Us

Shodan ® - All rights reserved